root / image_creator / os_type / unix.py @ c16922f7
History | View | Annotate | Download (1.8 kB)
1 |
#!/usr/bin/env python
|
---|---|
2 |
|
3 |
import re |
4 |
import sys |
5 |
|
6 |
from image_creator.os_type import OSBase |
7 |
|
8 |
|
9 |
class Unix(OSBase): |
10 |
|
11 |
sensitive_userdata = ['.bash_history']
|
12 |
|
13 |
def get_metadata(self): |
14 |
meta = super(Unix, self).get_metadata() |
15 |
meta["USERS"] = " ".join(self.get_passworded_users()) |
16 |
return meta
|
17 |
|
18 |
def get_passworded_users(self): |
19 |
users = [] |
20 |
regexp = re.compile('(\S+):((?:!\S+)|(?:[^!*]\S+)|):(?:\S*:){6}')
|
21 |
|
22 |
for line in self.g.cat('/etc/shadow').splitlines(): |
23 |
match = regexp.match(line) |
24 |
if not match: |
25 |
continue
|
26 |
|
27 |
user, passwd = match.groups() |
28 |
if len(passwd) > 0 and passwd[0] == '!': |
29 |
print "Warning: Ignoring locked %s account." % user |
30 |
else:
|
31 |
users.append(user) |
32 |
|
33 |
return users
|
34 |
|
35 |
def data_cleanup(self): |
36 |
self.cleanup_userdata()
|
37 |
self.cleanup_tmp()
|
38 |
self.cleanup_log()
|
39 |
self.cleanup_mail()
|
40 |
self.cleanup_cache()
|
41 |
|
42 |
def cleanup_cache(self): |
43 |
self.foreach_file('/var/cache', self.g.rm, ftype='r') |
44 |
|
45 |
def cleanup_tmp(self): |
46 |
self.foreach_file('/tmp', self.g.rm_rf, maxdepth=1) |
47 |
self.foreach_file('/var/tmp', self.g.rm_rf, maxdepth=1) |
48 |
|
49 |
def cleanup_log(self): |
50 |
self.foreach_file('/var/log', self.g.truncate, ftype='r') |
51 |
|
52 |
def cleanup_mail(self): |
53 |
self.foreach_file('var/spool/mail', self.g.rm_rf, maxdepth=1) |
54 |
self.foreach_file('var/mail', self.g.rm_rf, maxdepth=1) |
55 |
|
56 |
def cleanup_userdata(self): |
57 |
homedirs = ['/root'] + self.ls('/home/') |
58 |
|
59 |
for homedir in homedirs: |
60 |
for data in self.sensitive_userdata: |
61 |
fname = "%s/%s" % (homedir, data)
|
62 |
if self.g.is_file(fname): |
63 |
self.g.scrub_file(fname)
|
64 |
|
65 |
# vim: set sta sts=4 shiftwidth=4 sw=4 et ai :
|